Multi-collision resistance: a paradigm for keyless hash functions

Nir Bitansky, Yael Tauman Kalai, Omer Paneth
2018 Proceedings of the 50th Annual ACM SIGACT Symposium on Theory of Computing - STOC 2018  
We study the notion of multi-collision resistance of hash functions - a natural relaxation of collision-resistance that only guarantees the intractability of finding many (rather than two) inputs that map  ...  An appealing feature of such hash functions is that unlike their collision-resistant counterparts, they do not necessarily require a key.  ...  We also thank Benny Applebaum, John Steinberger, and Avi Wigderson for valuable discussions.  ... 
doi:10.1145/3188745.3188870 dblp:conf/stoc/BitanskyKP18 fatcat:wkozeczwgvhz7cmwj6ev4nmuki

Enhanced Target Collision Resistant Hash Functions Revisited [chapter]

Mohammad Reza Reyhanitabar, Willy Susilo, Yi Mu
2009 Lecture Notes in Computer Science  
First, we compare the new eTCR property with the well-known collision resistance (CR) property, where both properties are considered for a dedicated-key hash function.  ...  Enhanced Target Collision Resistance (eTCR) property for a hash function was put forth by Halevi and Krawczyk in Crypto 2006, in conjunction with the randomized hashing mode that is used to realize such  ...  We would like to thank the anonymous reviewers of FSE 2009 for their insightful comments and suggestions.  ... 
doi:10.1007/978-3-642-03317-9_20 fatcat:4vtxcbb75vhmrhduuovfchvaly

Domain Extension for Enhanced Target Collision-Resistant Hash Functions [chapter]

Ilya Mironov
2010 Lecture Notes in Computer Science  
The eTCR property, introduced by Halevi and Krawczyk [HK06], is a natural fit for hash-and-sign signature schemes, offering an attractive alternative to collision-resistant hash functions.  ...  We answer the question of Reyhanitabar et al. from FSE'09 of constructing a domain extension scheme for enhanced target collision-resistant (eTCR) hash functions with sublinear key expansion.  ...  The main difficulty in using TCR hashes as a drop-in replacement for broken or vulnerable collision-resistant functions is in handling the key, since the TCR hashes are keyed unlike keyless collision-resistant  ... 
doi:10.1007/978-3-642-13858-4_9 fatcat:3dfop6yderbphclg77xmez3wla

Design of Random Oracle for Block Iterated One-Way Ciphers Through Polynomial Functions

2019 International Journal of Engineering and Advanced Technology  
The conventional keyless provably secure hash functions MD-5, SHA-2 and SHA-3 use RO or Sponge principles for the design and construction of hash function.  ...  The results prove that the new prototype helps the block iterated hash function to exhibit strong random behavior even for a small bit flip in the input.  ...  The properties are given as follows: • Collision Resistance - For any two different messages x and y, H(x) ≠ H(y). • Pre-Image Resistance - For a given hash value H(x) an adversary should not find y such  ... 
doi:10.35940/ijeat.f1196.0886s19 fatcat:roraxkwunndixcxlis2qfm5gm4

Design of Dynamic Digest through Polynomial Product for Improved Avalanche Effect on Keyless Hash Function

2019 International journal of recent technology and engineering  
Therefore, the proposed design could be considered as a more suitable alternative for the conventional keyless digest function in the perspective of security.  ...  The proposed design uses a higher-order two-variables polynomial function to establish the hash output.  ...  These properties would help the hash function to strenuously resist hash collisions to be considered for integrity related applications.  ... 
doi:10.35940/ijrte.b2376.078219 fatcat:n3vhrx2eqvdtllw4umqudfv2bu

TEDT, a Leakage-Resist AEAD Mode for High Physical Security Applications

Francesco Berti, Chun Guo, Olivier Pereira, Thomas Peters, François-Xavier Standaert
2019 Transactions on Cryptographic Hardware and Embedded Systems  
Moreover, the leakage integrity bound is asymptotically optimal in the multi-user setting.  ...  (iii) It can be implemented with a remarkably low energy cost when strong resistance to side-channel attacks is needed, supports online encryption and handles static and incremental associated data efficiently  ...  For MAC designs, a similar situation appears: during the input-absorbing phase, keyless crypto hash functions are preferred to the typically more efficient universal hash functions.  ... 
doi:10.13154/tches.v2020.i1.256-320 dblp:journals/tches/BertiGPPS20 fatcat:kqbuclxmdjdcxn4ai4ihgsa7ce

Keyless signature infrastructure and PKI: hash-tree signatures in pre- and post-quantum world

Ahto Buldas, Risto Laanoja, Ahto Truu
2017 International Journal of Services Technology and Management  
This paper is a revised and expanded version of a paper entitled 'Keyless signature infrastructure and PKI: hash-tree signatures in pre- and post-quantum world' presented at the  ...  Reference to this paper should be made as follows: Buldas, A., Laanoja, R. and Truu, A. (2017) 'Keyless signature infrastructure and PKI: hash-tree signatures in pre- and post-quantum world', Int. .  ...  which means that hash functions seem to be quantum-immune (in the sense of collision resistance).  ... 
doi:10.1504/ijstm.2017.081881 fatcat:a27mw6daonedtl5t6rwlirgnya

Towards Low-Energy Leakage-Resistant Authenticated Encryption from the Duplex Sponge Construction

Chun Guo, Olivier Pereira, Thomas Peters, François-Xavier Standaert
2020 IACR Transactions on Symmetric Cryptology  
We also provide the first rigorous methodology for the leakage-resistance of sponge/duplex-based AEs based on a minimal non-invertibility assumption on leakages, which leads to various insights on designs  ...  To address this challenge, our first contribution is to investigate the leakage-resistance of a generic duplex-based stream cipher.  ...  Thomas Peters is a postdoctoral researcher and François-Xavier Standaert is a senior research associate of the Belgian Fund for Scientific Research (F.R.S.-FNRS).  ... 
doi:10.13154/tosc.v2020.i1.6-42 dblp:journals/tosc/GuoPPS20 fatcat:rqfvudal2re6znqzn7umrtdxnm

A Modular Design for Hash Functions: Towards Making the Mix-Compress-Mix Approach Practical [chapter]

Anja Lehmann, Stefano Tessaro
2009 Lecture Notes in Computer Science  
values than H, while only inheriting the collision-resistance guarantees for the shorter output.  ...  For this reason, this paper puts forward a completely modular and fault-tolerant approach to the construction of a full-fledged hash function from an underlying simpler hash function H and a further primitive  ...  Introduction Multi-Property Hash Functions.  ... 
doi:10.1007/978-3-642-10366-7_22 fatcat:2m2yzm2ysjcjtlwjh3lhuulo5e

Multi-Property-Preserving Hash Domain Extension and the EMD Transform [chapter]

Mihir Bellare, Thomas Ristenpart
2006 Lecture Notes in Computer Science  
guarantees on the hash function, in particular producing a hash function that fails to be even collision-resistant (CR) even though the compression function to which the transform is applied is CR.  ...  We suggest that the appropriate goal of a domain extension transform for the next generation of hash functions is to be multi-property preserving, namely that one should have a single transform that is  ...  Acknowledgments We would like to thank Thomas Shrimpton for valuable feedback on an earlier draft of this paper and Donghoon Chang for pointing out a mistake in an earlier proof of Lemma 5.1.  ... 
doi:10.1007/11935230_20 fatcat:xrvcfv4tqvgvvkioxdcvtaac7m

On the Existence of Three Round Zero-Knowledge Proofs [chapter]

Nils Fleischhacker, Vipul Goyal, Abhishek Jain
2018 Lecture Notes in Computer Science  
While five round ZK proofs for NP are known from standard assumptions [Goldreich-Kahan, J.  ...  Our main result is that three round private-coin ZK proofs for NP do not exist (even w.r.t. non-black-box simulation), under certain assumptions on program obfuscation.  ...  Five-round ZK proofs are known based on collision-resistant hash functions [29], and four-round -ZK proofs were recently constructed based on keyless multi-collision-resistant hash functions [14].  ... 
doi:10.1007/978-3-319-78372-7_1 fatcat:zzyy7azajvdyvnfdip74wg7m2a

Security of Symmetric Primitives under Incorrect Usage of Keys

Pooya Farshim, Claudio Orlandi, Razvan Rosie
2017 IACR Transactions on Symmetric Cryptology  
Standard hash functions are expected to satisfy key-robustness and PRF security, and hence suffice for practical instantiations.  ...  We however provide further theoretical justifications (in the standard model) by constructing robust PRFs from (left-and-right) collision-resistant PRGs.  ...  [FLP14] give a multi-property combiner for hash function that is able to simultaneously preserve multiple security properties of input hash functions, including collision-resistance and pseudorandomness  ... 
doi:10.46586/tosc.v2017.i1.449-473 fatcat:d7vmwtelnngtnbao33znw3wo3e

Security of Symmetric Primitives under Incorrect Usage of Keys

Pooya Farshim, Claudio Orlandi, Razvan Rosie
2017 IACR Transactions on Symmetric Cryptology  
Standard hash functions are expected to satisfy key-robustness and PRF security, and hence suffice for practical instantiations.  ...  We however provide further theoretical justifications (in the standard model) by constructing robust PRFs from (left-and-right) collision-resistant PRGs.  ...  [FLP14] give a multi-property combiner for hash function that is able to simultaneously preserve multiple security properties of input hash functions, including collision-resistance and pseudorandomness  ... 
doi:10.13154/tosc.v2017.i1.449-473 dblp:journals/tosc/FarshimOR17 fatcat:instduhoojfrdjga6tmxdjsyky

On the Tight Security of TLS 1.3: Theoretically Sound Cryptographic Parameters for Real-World Deployments

Denis Diemert, Tibor Jager
2021 Journal of Cryptology  
(multi-user) security of its building blocks.  ...  Our results enable a theoretically sound selection of parameters for TLS 1.3, even in large-scale settings with many users and sessions per user.  ...  Acknowledgements We thank the anonymous reviewers for their extensive and valuable comments that helped to improve the presentation of the paper a lot.  ... 
doi:10.1007/s00145-021-09388-x fatcat:vhz6kgeejfd7tgfvbowgjbrfne

Does Encryption with Redundancy Provide Authenticity? [chapter]

Jee Hea An, Mihir Bellare
2001 Lecture Notes in Computer Science  
A popular paradigm for achieving privacy plus authenticity is to append some "redundancy" to the data before encrypting. The redundancy is computed by applying a redundancy function to the data.  ...  We investigate the security of this paradigm at both a general and a specific level.  ...  Acknowledgments We thank Hugo Krawczyk for helpful comments on a previous version of this paper. We thank Daniele Micciancio for helpful discussions.  ... 
doi:10.1007/3-540-44987-6_31 fatcat:nsdxoiynybe3pawyyuvw3dxha4